Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a2f0aab-7a16-49a3-aa7f-d3597e172d87.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3665fb1d-9134-44f6-bfd0-da03bf18d40e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6d448dab-35ab-4cdb-b6c9-6d6b0f6b173c.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e9dd9fb-02a5-4795-98f6-056bf270944d.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\15edcf6e-1994-4641-a348-fb9d13754739.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\27b7c415-8e28-4c65-94a2-96b4795bc53b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\471401b0-1467-41f6-9c48-65058a15ab46.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\51f9a522-5d08-4630-91a8-1e5a1e417798.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldB (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldDB (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldH. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldai (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
zlib compressed data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session^. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs.. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencess (copy)
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\dec89c75-f112-4f31-8288-1ecdc78f342b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\ef6fa23f-1cef-4a06-83de-dfb4193ec153.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldpt
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cbe90e8b-61a3-4de5-a142-7a36c5e55cf2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.olds. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e5cec9c3-eb40-458f-9d57-bddcc83cbc19.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldo (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5952_837835595\Ruleset Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a2d60544-be62-4f19-bcf9-f63892e7f3cc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b867a857-9f22-44cc-8294-f2958864ab3a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_1619593620\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_1619593620\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_1619593620\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_1619593620\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_1619593620\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_2123373721\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_2123373721\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_2123373721\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_2123373721\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5952_2123373721\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\aec8c1a6-84b1-4716-907b-dded18a1e945.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_1973454191\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5952_438319128\aec8c1a6-84b1-4716-907b-dded18a1e945.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 222 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://download.jword.jp/pub/kaipoke/KaipokeWin2.json'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1616,1836502232930432542,12740608836901353048,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1944 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json
|
|
||
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json
|
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
216.58.215.225
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json2:
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin.dll
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json2
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json/
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
http://download.jword.jp/favicon.ico
|
52.222.179.45
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.186.46
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json(X
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin.exe
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json
|
52.222.179.45
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 52 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
d226lgrvh2bs95.cloudfront.net
|
52.222.179.45
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
142.250.186.46
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.215.225
|
|
|
|
download.jword.jp
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.46
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
216.58.215.225
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
52.222.179.45
|
d226lgrvh2bs95.cloudfront.net
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5A8E97000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDB0000
|
unkown image
|
page readonly
|
|
|
|
1459FA40000
|
unkown image
|
page read and write
|
|
|
|
8F66077000
|
stack
|
page read and write
|
|
|
|
7DF5685B0000
|
unkown image
|
page readonly
|
|
|
|
231EBB89000
|
unkown
|
page read and write
|
|
|
|
22F1BD80000
|
heap default
|
page read and write
|
|
|
|
169A5E00000
|
unkown image
|
page readonly
|
|
|
|
7FF58F65A000
|
unkown image
|
page readonly
|
|
|
|
1459FC7F000
|
unkown
|
page read and write
|
|
|
|
7FF58F4B5000
|
unkown image
|
page readonly
|
|
|
|
7FF53F0C7000
|
unkown image
|
page readonly
|
|
|
|
1D8C9000000
|
unkown
|
page read and write
|
|
|
|
7FF55A856000
|
unkown image
|
page readonly
|
|
|
|
7FF58F46F000
|
unkown image
|
page readonly
|
|
|
|
231EBB8D000
|
unkown
|
page read and write
|
|
|
|
7FF559E42000
|
unkown image
|
page readonly
|
|
|
|
7FF561F16000
|
unkown image
|
page readonly
|
|
|
|
231EBB4A000
|
unkown
|
page read and write
|
|
|
|
22F1BDAE000
|
unkown
|
page read and write
|
|
|
|
7FF58F661000
|
unkown image
|
page readonly
|
|
|
|
7FF559F7B000
|
unkown image
|
page readonly
|
|
|
|
7FF561B3B000
|
unkown image
|
page readonly
|
|
|
|
169A5D00000
|
unkown
|
page read and write
|
|
|
|
7FF55A014000
|
unkown image
|
page readonly
|
|
|
|
1459FAB0000
|
heap default
|
page read and write
|
|
|
|
7FF559FAD000
|
unkown image
|
page readonly
|
|
|
|
7FF58F411000
|
unkown image
|
page readonly
|
|
|
|
7DF567CA0000
|
unkown image
|
page readonly
|
|
|
|
88071FA000
|
stack
|
page read and write
|
|
|
|
169A5C3C000
|
unkown
|
page read and write
|
|
|
|
231EBB9B000
|
unkown
|
page read and write
|
|
|
|
7FF559F3D000
|
unkown image
|
page readonly
|
|
|
|
231EB4D0000
|
unkown image
|
page readonly
|
|
|
|
7DF44AC80000
|
unkown image
|
page readonly
|
|
|
|
7FF5620BE000
|
unkown image
|
page readonly
|
|
|
|
8673379000
|
stack
|
page read and write
|
|
|
|
7FF55A941000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDB2000
|
unkown image
|
page readonly
|
|
|
|
7FF561EDB000
|
unkown image
|
page readonly
|
|
|
|
231EB308000
|
unkown
|
page read and write
|
|
|
|
7FF53F077000
|
unkown image
|
page readonly
|
|
|
|
22F1BDA5000
|
unkown
|
page read and write
|
|
|
|
231EBB74000
|
unkown
|
page read and write
|
|
|
|
1D8C94D0000
|
unkown image
|
page readonly
|
|
|
|
7FF561FA0000
|
unkown image
|
page readonly
|
|
|
|
231EB130000
|
unkown image
|
page readonly
|
|
|
|
22F1BEF0000
|
unkown image
|
page read and write
|
|
|
|
2768FAB0000
|
unkown
|
page readonly
|
|
|
|
169A59D0000
|
unkown image
|
page readonly
|
|
|
|
14F54FE000
|
stack
|
page read and write
|
|
|
|
7FF561F14000
|
unkown image
|
page readonly
|
|
|
|
7FF53F047000
|
unkown image
|
page readonly
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
7DF567CA0000
|
unkown image
|
page readonly
|
|
|
|
867347F000
|
stack
|
page read and write
|
|
|
|
7FF58F5AB000
|
unkown image
|
page readonly
|
|
|
|
DF6ABF7000
|
stack
|
page read and write
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
1D8C903C000
|
unkown
|
page read and write
|
|
|
|
231EBB89000
|
unkown
|
page read and write
|
|
|
|
1459FD13000
|
unkown
|
page read and write
|
|
|
|
86732F9000
|
stack
|
page read and write
|
|
|
|
7FF5620F0000
|
unkown image
|
page readonly
|
|
|
|
7FF58F141000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE32000
|
unkown image
|
page readonly
|
|
|
|
7FF5A917D000
|
unkown image
|
page readonly
|
|
|
|
7FF55A912000
|
unkown image
|
page readonly
|
|
|
|
2768FAA0000
|
unkown
|
page read and write
|
|
|
|
7FF5620D9000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9136000
|
unkown image
|
page readonly
|
|
|
|
7FF56212E000
|
unkown image
|
page readonly
|
|
|
|
7FF561F21000
|
unkown image
|
page readonly
|
|
|
|
7FF559F8E000
|
unkown image
|
page readonly
|
|
|
|
1D8C92D0000
|
unkown image
|
page readonly
|
|
|
|
7FF559F3F000
|
unkown image
|
page readonly
|
|
|
|
7FF561F85000
|
unkown image
|
page readonly
|
|
|
|
7FF58F587000
|
unkown image
|
page readonly
|
|
|
|
7FF58F639000
|
unkown image
|
page readonly
|
|
|
|
231EB2AA000
|
unkown
|
page read and write
|
|
|
|
7DF54CDC2000
|
unkown image
|
page readonly
|
|
|
|
7FF55A009000
|
unkown image
|
page readonly
|
|
|
|
7FF58F5D7000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDC2000
|
unkown image
|
page readonly
|
|
|
|
7FF58F661000
|
unkown image
|
page readonly
|
|
|
|
1459FD08000
|
unkown
|
page read and write
|
|
|
|
7FF559F82000
|
unkown image
|
page readonly
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
22F1BD91000
|
unkown
|
page read and write
|
|
|
|
1D8C8F50000
|
unkown image
|
page readonly
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
7FF559766000
|
unkown image
|
page readonly
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
7FF58F64A000
|
unkown image
|
page readonly
|
|
|
|
7DF5685A0000
|
unkown image
|
page readonly
|
|
|
|
231EBBD6000
|
unkown
|
page read and write
|
|
|
|
7FF53E992000
|
unkown image
|
page readonly
|
|
|
|
231EB180000
|
heap default
|
page read and write
|
|
|
|
7FF559BD5000
|
unkown image
|
page readonly
|
|
|
|
1459FA80000
|
unkown image
|
page readonly
|
|
|
|
1459FA50000
|
heap private
|
page read and write
|
|
|
|
7FF58F2E5000
|
unkown image
|
page readonly
|
|
|
|
7FF561EA2000
|
unkown image
|
page readonly
|
|
|
|
7FF561FE7000
|
unkown image
|
page readonly
|
|
|
|
231EBB87000
|
unkown
|
page read and write
|
|
|
|
7FF55A0DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5620B3000
|
unkown image
|
page readonly
|
|
|
|
7FF58F42D000
|
unkown image
|
page readonly
|
|
|
|
7FF562123000
|
unkown image
|
page readonly
|
|
|
|
231EBB8D000
|
unkown
|
page read and write
|
|
|
|
7FF561B4C000
|
unkown image
|
page readonly
|
|
|
|
231EC06A000
|
unkown
|
page read and write
|
|
|
|
7DF54CDB0000
|
unkown image
|
page readonly
|
|
|
|
7FF561ECA000
|
unkown image
|
page readonly
|
|
|
|
169A5C13000
|
unkown
|
page read and write
|
|
|
|
7FF56207F000
|
unkown image
|
page readonly
|
|
|
|
1D8C904F000
|
unkown
|
page read and write
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
7FF561F9D000
|
unkown image
|
page readonly
|
|
|
|
7FF562092000
|
unkown image
|
page readonly
|
|
|
|
7FF559BD2000
|
unkown image
|
page readonly
|
|
|
|
169A6000000
|
unkown image
|
page readonly
|
|
|
|
1459FC4F000
|
unkown
|
page read and write
|
|
|
|
7FF53F14A000
|
unkown image
|
page readonly
|
|
|
|
7FF55A031000
|
unkown image
|
page readonly
|
|
|
|
8F6617D000
|
stack
|
page read and write
|
|
|
|
22F1BDAE000
|
unkown
|
page read and write
|
|
|
|
7DF46DD00000
|
unkown image
|
page readonly
|
|
|
|
7FF53F129000
|
unkown image
|
page readonly
|
|
|
|
7FF55A63A000
|
unkown image
|
page readonly
|
|
|
|
7DF5B7030000
|
unkown image
|
page readonly
|
|
|
|
7DF567C92000
|
unkown image
|
page readonly
|
|
|
|
1D8C907C000
|
unkown
|
page read and write
|
|
|
|
7FF5A93AA000
|
unkown image
|
page readonly
|
|
|
|
8F65CFE000
|
stack
|
page read and write
|
|
|
|
7FF561F2F000
|
unkown image
|
page readonly
|
|
|
|
7FF561D39000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92FB000
|
unkown image
|
page readonly
|
|
|
|
231EB24F000
|
unkown
|
page read and write
|
|
|
|
231EBB9B000
|
unkown
|
page read and write
|
|
|
|
169A6180000
|
unkown image
|
page readonly
|
|
|
|
7FF55A031000
|
unkown image
|
page readonly
|
|
|
|
7FF5A921C000
|
unkown image
|
page readonly
|
|
|
|
231EB160000
|
unkown image
|
page readonly
|
|
|
|
7FF5A91BF000
|
unkown image
|
page readonly
|
|
|
|
7FF561F35000
|
unkown image
|
page readonly
|
|
|
|
231EB253000
|
unkown
|
page read and write
|
|
|
|
7FF53F141000
|
unkown image
|
page readonly
|
|
|
|
7FF58F583000
|
unkown image
|
page readonly
|
|
|
|
1D8C904A000
|
unkown
|
page read and write
|
|
|
|
7DF5685A2000
|
unkown image
|
page readonly
|
|
|
|
7FF561FE2000
|
unkown image
|
page readonly
|
|
|
|
8807079000
|
stack
|
page read and write
|
|
|
|
22F1BC70000
|
unkown image
|
page readonly
|
|
|
|
7FF55A84D000
|
unkown image
|
page readonly
|
|
|
|
7FF545F41000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9303000
|
unkown image
|
page readonly
|
|
|
|
8672FCE000
|
stack
|
page read and write
|
|
|
|
7FF5620AE000
|
unkown image
|
page readonly
|
|
|
|
22F1BC90000
|
unkown image
|
page readonly
|
|
|
|
1459FC70000
|
unkown
|
page read and write
|
|
|
|
231EB9A0000
|
unkown
|
page read and write
|
|
|
|
231EB213000
|
unkown
|
page read and write
|
|
|
|
7DF59D2D2000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE30000
|
unkown image
|
page readonly
|
|
|
|
231EBB26000
|
unkown
|
page read and write
|
|
|
|
2768F850000
|
unkown
|
page read and write
|
|
|
|
7FF58EE9C000
|
unkown image
|
page readonly
|
|
|
|
7FF561A12000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE40000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92C3000
|
unkown image
|
page readonly
|
|
|
|
2768F860000
|
unkown
|
page read and write
|
|
|
|
7FF5621BA000
|
unkown image
|
page readonly
|
|
|
|
169A5990000
|
unkown image
|
page read and write
|
|
|
|
1D8C8FD0000
|
unkown
|
page read and write
|
|
|
|
169A59E0000
|
unkown image
|
page readonly
|
|
|
|
7FF561DA4000
|
unkown image
|
page readonly
|
|
|
|
7DF59D2C0000
|
unkown image
|
page readonly
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
231EB238000
|
unkown
|
page read and write
|
|
|
|
7DF5B7010000
|
unkown image
|
page readonly
|
|
|
|
231EBB9A000
|
unkown
|
page read and write
|
|
|
|
231EBB86000
|
unkown
|
page read and write
|
|
|
|
2768ECF7000
|
heap default
|
page read and write
|
|
|
|
7DF5685A0000
|
unkown image
|
page readonly
|
|
|
|
8806CDA000
|
unkown
|
page read and write
|
|
|
|
7FF53F059000
|
unkown image
|
page readonly
|
|
|
|
7FF55A8BA000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92BF000
|
unkown image
|
page readonly
|
|
|
|
7FF561A0C000
|
unkown image
|
page readonly
|
|
|
|
186FEFB000
|
stack
|
page read and write
|
|
|
|
22F1BFB0000
|
unkown image
|
page readonly
|
|
|
|
231EBB8B000
|
unkown
|
page read and write
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
169A5C00000
|
unkown
|
page read and write
|
|
|
|
7FF561CB7000
|
unkown image
|
page readonly
|
|
|
|
169A59B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92BD000
|
unkown image
|
page readonly
|
|
|
|
7FF53EFAB000
|
unkown image
|
page readonly
|
|
|
|
7FF58F430000
|
unkown image
|
page readonly
|
|
|
|
2768ED40000
|
unkown
|
page read and write
|
|
|
|
145A0180000
|
unkown image
|
page readonly
|
|
|
|
231EBB60000
|
unkown
|
page read and write
|
|
|
|
7FF561E97000
|
unkown image
|
page readonly
|
|
|
|
1D8C8F50000
|
unkown image
|
page readonly
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
231EB2EC000
|
unkown
|
page read and write
|
|
|
|
7FF53EF01000
|
unkown image
|
page readonly
|
|
|
|
231EB2E8000
|
unkown
|
page read and write
|
|
|
|
7FF5621CA000
|
unkown image
|
page readonly
|
|
|
|
22F1BDA6000
|
unkown
|
page read and write
|
|
|
|
7DF5B7030000
|
unkown image
|
page readonly
|
|
|
|
7FF55A02A000
|
unkown image
|
page readonly
|
|
|
|
7FF53F13A000
|
unkown image
|
page readonly
|
|
|
|
231EBBC5000
|
unkown
|
page read and write
|
|
|
|
1459FC8C000
|
unkown
|
page read and write
|
|
|
|
169A5C55000
|
unkown
|
page read and write
|
|
|
|
7FF561DA7000
|
unkown image
|
page readonly
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
7DF5B7020000
|
unkown image
|
page readonly
|
|
|
|
7FF53EC31000
|
unkown image
|
page readonly
|
|
|
|
7FF55A935000
|
unkown image
|
page readonly
|
|
|
|
169A5D02000
|
unkown
|
page read and write
|
|
|
|
7FF53EF3B000
|
unkown image
|
page readonly
|
|
|
|
7FF53EF20000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9035000
|
unkown image
|
page readonly
|
|
|
|
2768EC90000
|
unkown
|
page read and write
|
|
|
|
169A5C64000
|
unkown
|
page read and write
|
|
|
|
7FF5A92D3000
|
unkown image
|
page readonly
|
|
|
|
7FF53F151000
|
unkown image
|
page readonly
|
|
|
|
7FF559FAA000
|
unkown image
|
page readonly
|
|
|
|
7FF5A93B1000
|
unkown image
|
page readonly
|
|
|
|
231EBB9B000
|
unkown
|
page read and write
|
|
|
|
7FF5A92E7000
|
unkown image
|
page readonly
|
|
|
|
7FF5620FE000
|
unkown image
|
page readonly
|
|
|
|
1459FBB0000
|
unkown
|
page read and write
|
|
|
|
1459FB90000
|
unkown image
|
page readonly
|
|
|
|
7FF58F58E000
|
unkown image
|
page readonly
|
|
|
|
7FF5620DD000
|
unkown image
|
page readonly
|
|
|
|
22F1BEA0000
|
unkown
|
page read and write
|
|
|
|
231EBBD5000
|
unkown
|
page read and write
|
|
|
|
231EB2E1000
|
unkown
|
page read and write
|
|
|
|
169A5AE0000
|
unkown image
|
page readonly
|
|
|
|
169A5C2A000
|
unkown
|
page read and write
|
|
|
|
1D8C9650000
|
unkown image
|
page readonly
|
|
|
|
7FF58F4BB000
|
unkown image
|
page readonly
|
|
|
|
7FF53EFD1000
|
unkown image
|
page readonly
|
|
|
|
2768EBA0000
|
unkown image
|
page readonly
|
|
|
|
1459FA60000
|
unkown image
|
page readonly
|
|
|
|
1459FC29000
|
unkown
|
page read and write
|
|
|
|
7DF59D2E0000
|
unkown image
|
page readonly
|
|
|
|
1D8C9802000
|
unkown
|
page read and write
|
|
|
|
7FF5621C1000
|
unkown image
|
page readonly
|
|
|
|
7FF56214D000
|
unkown image
|
page readonly
|
|
|
|
7DF567CA2000
|
unkown image
|
page readonly
|
|
|
|
7DF5B7020000
|
unkown image
|
page readonly
|
|
|
|
231EB251000
|
unkown
|
page read and write
|
|
|
|
7FF55A89E000
|
unkown image
|
page readonly
|
|
|
|
7FF55A863000
|
unkown image
|
page readonly
|
|
|
|
2768EB90000
|
unkown image
|
page readonly
|
|
|
|
231EB2C6000
|
unkown
|
page read and write
|
|
|
|
2768EF70000
|
unkown image
|
page readonly
|
|
|
|
7FF58F44B000
|
unkown image
|
page readonly
|
|
|
|
231EB313000
|
unkown
|
page read and write
|
|
|
|
145A0000000
|
unkown image
|
page readonly
|
|
|
|
7DF567CB0000
|
unkown image
|
page readonly
|
|
|
|
7FF53F05F000
|
unkown image
|
page readonly
|
|
|
|
231EBB6F000
|
unkown
|
page read and write
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
186FBEE000
|
stack
|
page read and write
|
|
|
|
7FF55A8BD000
|
unkown image
|
page readonly
|
|
|
|
1D8C9013000
|
unkown
|
page read and write
|
|
|
|
231EB256000
|
unkown
|
page read and write
|
|
|
|
231EB2EB000
|
unkown
|
page read and write
|
|
|
|
7FF5A932A000
|
unkown image
|
page readonly
|
|
|
|
231EB9B0000
|
unkown image
|
page read and write
|
|
|
|
7FF5A930E000
|
unkown image
|
page readonly
|
|
|
|
8672F4C000
|
unkown
|
page read and write
|
|
|
|
7FF5A9161000
|
unkown image
|
page readonly
|
|
|
|
7DF567C92000
|
unkown image
|
page readonly
|
|
|
|
7FF55A0D9000
|
unkown image
|
page readonly
|
|
|
|
1D8C9108000
|
unkown
|
page read and write
|
|
|
|
7FF5A9389000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE42000
|
unkown image
|
page readonly
|
|
|
|
7FF55A931000
|
unkown image
|
page readonly
|
|
|
|
22F1BE80000
|
unkown
|
page read and write
|
|
|
|
2768ED40000
|
unkown
|
page read and write
|
|
|
|
7DF54CDD0000
|
unkown image
|
page readonly
|
|
|
|
22F1BED0000
|
unkown image
|
page readonly
|
|
|
|
14F5877000
|
stack
|
page read and write
|
|
|
|
231EBBAE000
|
unkown
|
page read and write
|
|
|
|
7FF562051000
|
unkown image
|
page readonly
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
2768EFA5000
|
heap private
|
page read and write
|
|
|
|
7DF59D2D2000
|
unkown image
|
page readonly
|
|
|
|
7FF53F122000
|
unkown image
|
page readonly
|
|
|
|
231EB23A000
|
unkown
|
page read and write
|
|
|
|
2768FAC0000
|
unkown
|
page read and write
|
|
|
|
7FF561CB1000
|
unkown image
|
page readonly
|
|
|
|
169A5BD0000
|
unkown
|
page read and write
|
|
|
|
231EC000000
|
unkown
|
page read and write
|
|
|
|
7DF5B7022000
|
unkown image
|
page readonly
|
|
|
|
2768ECB0000
|
unkown
|
page read and write
|
|
|
|
231EB24B000
|
unkown
|
page read and write
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
7FF5A92D7000
|
unkown image
|
page readonly
|
|
|
|
7FF58F580000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9205000
|
unkown image
|
page readonly
|
|
|
|
7FF53F07E000
|
unkown image
|
page readonly
|
|
|
|
22F1BD96000
|
unkown
|
page read and write
|
|
|
|
7FF53EC37000
|
unkown image
|
page readonly
|
|
|
|
7FF5620C7000
|
unkown image
|
page readonly
|
|
|
|
8F65F7B000
|
stack
|
page read and write
|
|
|
|
231EBB67000
|
unkown
|
page read and write
|
|
|
|
22F1BC50000
|
unkown image
|
page read and write
|
|
|
|
7FF58F5B3000
|
unkown image
|
page readonly
|
|
|
|
231EB316000
|
unkown
|
page read and write
|
|
|
|
7DF567C90000
|
unkown image
|
page readonly
|
|
|
|
7FF58F651000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDC0000
|
unkown image
|
page readonly
|
|
|
|
2768ED38000
|
unkown
|
page read and write
|
|
|
|
187007E000
|
stack
|
page read and write
|
|
|
|
7FF53F0AE000
|
unkown image
|
page readonly
|
|
|
|
22F1BD96000
|
heap default
|
page read and write
|
|
|
|
7DF567CB0000
|
unkown image
|
page readonly
|
|
|
|
231EB270000
|
unkown
|
page read and write
|
|
|
|
7FF58F56F000
|
unkown image
|
page readonly
|
|
|
|
186FAEB000
|
unkown
|
page read and write
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
169A6202000
|
unkown
|
page read and write
|
|
|
|
7FF5A9231000
|
unkown image
|
page readonly
|
|
|
|
7FF5620DF000
|
unkown image
|
page readonly
|
|
|
|
7FF55A924000
|
unkown image
|
page readonly
|
|
|
|
1459FE00000
|
unkown image
|
page readonly
|
|
|
|
14F51CC000
|
unkown
|
page read and write
|
|
|
|
7DF56FE30000
|
unkown image
|
page readonly
|
|
|
|
2768ED40000
|
unkown
|
page read and write
|
|
|
|
7FF55A893000
|
unkown image
|
page readonly
|
|
|
|
186FFFB000
|
stack
|
page read and write
|
|
|
|
7FF53F151000
|
unkown image
|
page readonly
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
1D8C9070000
|
unkown
|
page read and write
|
|
|
|
1870177000
|
stack
|
page read and write
|
|
|
|
7FF53F073000
|
unkown image
|
page readonly
|
|
|
|
7FF53EFD5000
|
unkown image
|
page readonly
|
|
|
|
7FF562081000
|
unkown image
|
page readonly
|
|
|
|
7FF5620F7000
|
unkown image
|
page readonly
|
|
|
|
7FF58F4E1000
|
unkown image
|
page readonly
|
|
|
|
1D8C8FA0000
|
heap default
|
page read and write
|
|
|
|
231EB6D0000
|
unkown image
|
page readonly
|
|
|
|
22F1BFA0000
|
heap private
|
page read and write
|
|
|
|
169A5D08000
|
unkown
|
page read and write
|
|
|
|
7FF559BDA000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDC0000
|
unkown image
|
page readonly
|
|
|
|
2768EFA9000
|
heap private
|
page read and write
|
|
|
|
7FF5621D1000
|
unkown image
|
page readonly
|
|
|
|
7FF562107000
|
unkown image
|
page readonly
|
|
|
|
14F56FB000
|
stack
|
page read and write
|
|
|
|
7FF58F557000
|
unkown image
|
page readonly
|
|
|
|
7FF559F43000
|
unkown image
|
page readonly
|
|
|
|
86733FF000
|
stack
|
page read and write
|
|
|
|
7DF56FE50000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE32000
|
unkown image
|
page readonly
|
|
|
|
1D8C907E000
|
unkown
|
page read and write
|
|
|
|
231EBB00000
|
unkown
|
page read and write
|
|
|
|
14F547E000
|
stack
|
page read and write
|
|
|
|
7FF53F070000
|
unkown image
|
page readonly
|
|
|
|
231EB302000
|
unkown
|
page read and write
|
|
|
|
1459FA90000
|
unkown image
|
page readonly
|
|
|
|
8F6627F000
|
stack
|
page read and write
|
|
|
|
1D8C8FB0000
|
unkown image
|
page readonly
|
|
|
|
14F597E000
|
stack
|
page read and write
|
|
|
|
7DF5685A2000
|
unkown image
|
page readonly
|
|
|
|
DF6B0FA000
|
stack
|
page read and write
|
|
|
|
22F1BEE0000
|
unkown image
|
page readonly
|
|
|
|
7FF58F4CC000
|
unkown image
|
page readonly
|
|
|
|
7FF53EDD5000
|
unkown image
|
page readonly
|
|
|
|
231EB130000
|
unkown image
|
page readonly
|
|
|
|
231EB250000
|
unkown
|
page read and write
|
|
|
|
7FF56202B000
|
unkown image
|
page readonly
|
|
|
|
231EBB9C000
|
unkown
|
page read and write
|
|
|
|
231EB1B0000
|
unkown
|
page read and write
|
|
|
|
7FF58F569000
|
unkown image
|
page readonly
|
|
|
|
7DF465B60000
|
unkown image
|
page readonly
|
|
|
|
1459FC00000
|
unkown
|
page read and write
|
|
|
|
7FF58F4E5000
|
unkown image
|
page readonly
|
|
|
|
231EBB7F000
|
unkown
|
page read and write
|
|
|
|
7DF5B7012000
|
unkown image
|
page readonly
|
|
|
|
7FF559E9C000
|
unkown image
|
page readonly
|
|
|
|
7FF58F632000
|
unkown image
|
page readonly
|
|
|
|
22F1C1B0000
|
unkown image
|
page readonly
|
|
|
|
7FF559F46000
|
unkown image
|
page readonly
|
|
|
|
DF6A9FB000
|
stack
|
page read and write
|
|
|
|
7FF55A002000
|
unkown image
|
page readonly
|
|
|
|
231EB2FB000
|
unkown
|
page read and write
|
|
|
|
169A59A0000
|
heap private
|
page read and write
|
|
|
|
7FF5A8BF2000
|
unkown image
|
page readonly
|
|
|
|
8F65C7B000
|
unkown
|
page read and write
|
|
|
|
7FF58F3E6000
|
unkown image
|
page readonly
|
|
|
|
1459FC55000
|
unkown
|
page read and write
|
|
|
|
7FF5A9180000
|
unkown image
|
page readonly
|
|
|
|
1D8C9088000
|
unkown
|
page read and write
|
|
|
|
1459FC8A000
|
unkown
|
page read and write
|
|
|
|
22F1BDAE000
|
unkown
|
page read and write
|
|
|
|
231EC06A000
|
unkown
|
page read and write
|
|
|
|
DF6AAF7000
|
stack
|
page read and write
|
|
|
|
7FF55A860000
|
unkown image
|
page readonly
|
|
|
|
7DF5685B2000
|
unkown image
|
page readonly
|
|
|
|
169A5C5C000
|
unkown
|
page read and write
|
|
|
|
7FF53F0CA000
|
unkown image
|
page readonly
|
|
|
|
231EBB5F000
|
unkown
|
page read and write
|
|
|
|
7FF55A867000
|
unkown image
|
page readonly
|
|
|
|
14F5A7F000
|
stack
|
page read and write
|
|
|
|
7FF561FBB000
|
unkown image
|
page readonly
|
|
|
|
7FF58F644000
|
unkown image
|
page readonly
|
|
|
|
7FF561969000
|
unkown image
|
page readonly
|
|
|
|
7DF59D2D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92B9000
|
unkown image
|
page readonly
|
|
|
|
7DF54CDD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92A7000
|
unkown image
|
page readonly
|
|
|
|
231EBBC4000
|
unkown
|
page read and write
|
|
|
|
7FF55A92A000
|
unkown image
|
page readonly
|
|
|
|
231EBBC3000
|
unkown
|
page read and write
|
|
|
|
7DF59D2C2000
|
unkown image
|
page readonly
|
|
|
|
7FF58EEA2000
|
unkown image
|
page readonly
|
|
|
|
231EBB89000
|
unkown
|
page read and write
|
|
|
|
1D8C8F40000
|
heap private
|
page read and write
|
|
|
|
231EB2A0000
|
unkown
|
page read and write
|
|
|
|
1D8C9055000
|
unkown
|
page read and write
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
7FF559F36000
|
unkown image
|
page readonly
|
|
|
|
7DF59D2D0000
|
unkown image
|
page readonly
|
|
|
|
DF6B2F8000
|
stack
|
page read and write
|
|
|
|
231EB2BF000
|
unkown
|
page read and write
|
|
|
|
231EBBC5000
|
unkown
|
page read and write
|
|
|
|
7FF55A941000
|
unkown image
|
page readonly
|
|
|
|
1D8C8F30000
|
unkown image
|
page read and write
|
|
|
|
231EB2A7000
|
unkown
|
page read and write
|
|
|
|
7FF53EFA5000
|
unkown image
|
page readonly
|
|
|
|
7FF55A853000
|
unkown image
|
page readonly
|
|
|
|
231EBB1A000
|
unkown
|
page read and write
|
|
|
|
1459FD02000
|
unkown
|
page read and write
|
|
|
|
7FF562055000
|
unkown image
|
page readonly
|
|
|
|
7FF5621D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5685C0000
|
unkown image
|
page readonly
|
|
|
|
7FF53EFCB000
|
unkown image
|
page readonly
|
|
|
|
7DF567CA2000
|
unkown image
|
page readonly
|
|
|
|
7FF56203C000
|
unkown image
|
page readonly
|
|
|
|
169A5C58000
|
unkown
|
page read and write
|
|
|
|
2768F1C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5685C0000
|
unkown image
|
page readonly
|
|
|
|
7FF53EFBC000
|
unkown image
|
page readonly
|
|
|
|
7FF55A93A000
|
unkown image
|
page readonly
|
|
|
|
880717F000
|
stack
|
page read and write
|
|
|
|
231EB110000
|
unkown image
|
page read and write
|
|
|
|
867327E000
|
stack
|
page read and write
|
|
|
|
231EBB75000
|
unkown
|
page read and write
|
|
|
|
187027F000
|
stack
|
page read and write
|
|
|
|
7FF53F134000
|
unkown image
|
page readonly
|
|
|
|
231EBBA7000
|
unkown
|
page read and write
|
|
|
|
7FF55A84F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9235000
|
unkown image
|
page readonly
|
|
|
|
7FF55A021000
|
unkown image
|
page readonly
|
|
|
|
7FF53E98C000
|
unkown image
|
page readonly
|
|
|
|
231EBBA8000
|
unkown
|
page read and write
|
|
|
|
7FF559F50000
|
unkown image
|
page readonly
|
|
|
|
231EC100000
|
unkown
|
page read and write
|
|
|
|
231EBBCD000
|
unkown
|
page read and write
|
|
|
|
8F6637F000
|
stack
|
page read and write
|
|
|
|
7DF5B7010000
|
unkown image
|
page readonly
|
|
|
|
2768EFA0000
|
heap private
|
page read and write
|
|
|
|
231EBB78000
|
unkown
|
page read and write
|
|
|
|
231EBBBD000
|
unkown
|
page read and write
|
|
|
|
8806D5F000
|
stack
|
page read and write
|
|
|
|
231EBB74000
|
unkown
|
page read and write
|
|
|
|
7DF49B190000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9327000
|
unkown image
|
page readonly
|
|
|
|
186FB6E000
|
stack
|
page read and write
|
|
|
|
231EBBA3000
|
unkown
|
page read and write
|
|
|
|
169A5A00000
|
heap default
|
page read and write
|
|
|
|
1459FC02000
|
unkown
|
page read and write
|
|
|
|
231EBA02000
|
unkown
|
page read and write
|
|
|
|
7FF53F087000
|
unkown image
|
page readonly
|
|
|
|
DF6B1F8000
|
stack
|
page read and write
|
|
|
|
7FF58F147000
|
unkown image
|
page readonly
|
|
|
|
2768FAD0000
|
unkown
|
page read and write
|
|
|
|
22F1C330000
|
unkown image
|
page readonly
|
|
|
|
7FF58F5DD000
|
unkown image
|
page readonly
|
|
|
|
7FF545F41000
|
unkown image
|
page readonly
|
|
|
|
DF6ACFB000
|
stack
|
page read and write
|
|
|
|
1459FA60000
|
unkown image
|
page readonly
|
|
|
|
7FF559BEE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A92D0000
|
unkown image
|
page readonly
|
|
|
|
2768EFB0000
|
unkown
|
page read and write
|
|
|
|
7FF5A90AA000
|
unkown image
|
page readonly
|
|
|
|
7FF55A88B000
|
unkown image
|
page readonly
|
|
|
|
7FF58F5BE000
|
unkown image
|
page readonly
|
|
|
|
DF6A59B000
|
unkown
|
page read and write
|
|
|
|
7DF59D2E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53EF1D000
|
unkown image
|
page readonly
|
|
|
|
7FF5621A9000
|
unkown image
|
page readonly
|
|
|
|
7FF53F05D000
|
unkown image
|
page readonly
|
|
|
|
7FF58F404000
|
unkown image
|
page readonly
|
|
|
|
7DF5B7022000
|
unkown image
|
page readonly
|
|
|
|
231EC163000
|
unkown
|
page read and write
|
|
|
|
7FF5598B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5A9394000
|
unkown image
|
page readonly
|
|
|
|
7FF5620E3000
|
unkown image
|
page readonly
|
|
|
|
7FF56196D000
|
unkown image
|
page readonly
|
|
|
|
14F577E000
|
stack
|
page read and write
|
|
|
|
231EBBCD000
|
unkown
|
page read and write
|
|
|
|
231EB1D0000
|
unkown image
|
page readonly
|
|
|
|
169A59B0000
|
unkown image
|
page readonly
|
|
|
|
7DF466470000
|
unkown image
|
page readonly
|
|
|
|
231EB120000
|
heap private
|
page read and write
|
|
|
|
7FF5A9382000
|
unkown image
|
page readonly
|
|
|
|
231EBB74000
|
unkown
|
page read and write
|
|
|
|
7FF5A93B1000
|
unkown image
|
page readonly
|
|
|
|
7FF559E47000
|
unkown image
|
page readonly
|
|
|
|
169A5C5F000
|
unkown
|
page read and write
|
|
|
|
231EB930000
|
unkown image
|
page write copy
|
|
|
|
7FF58F5DA000
|
unkown image
|
page readonly
|
|
|
|
22F1BDC0000
|
unkown
|
page read and write
|
|
|
|
7FF5A92DE000
|
unkown image
|
page readonly
|
|
|
|
2768EDF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A932D000
|
unkown image
|
page readonly
|
|
|
|
7FF561E55000
|
unkown image
|
page readonly
|
|
|
|
145A0402000
|
unkown
|
page read and write
|
|
|
|
7FF5621A2000
|
unkown image
|
page readonly
|
|
|
|
231EB2B1000
|
unkown
|
page read and write
|
|
|
|
7FF5621B4000
|
unkown image
|
page readonly
|
|
|
|
2768F3C0000
|
unkown image
|
page readonly
|
|
|
|
231EB190000
|
unkown image
|
page readonly
|
|
|
|
22F1BDC0000
|
unkown
|
page read and write
|
|
|
|
1D8C9029000
|
unkown
|
page read and write
|
|
|
|
DF6A8FF000
|
stack
|
page read and write
|
|
|
|
169A5D13000
|
unkown
|
page read and write
|
|
|
|
22F1BDC0000
|
unkown
|
page read and write
|
|
|
|
8806DDE000
|
stack
|
page read and write
|
|
|
|
7FF55A919000
|
unkown image
|
page readonly
|
|
|
|
231EC002000
|
unkown
|
page read and write
|
|
|
|
7FF5598BE000
|
unkown image
|
page readonly
|
|
|
|
7FF58F597000
|
unkown image
|
page readonly
|
|
|
|
1D8C9113000
|
unkown
|
page read and write
|
|
|
|
7DF56FE50000
|
unkown image
|
page readonly
|
|
|
|
22F1BFA5000
|
heap private
|
page read and write
|
|
|
|
231EBBAE000
|
unkown
|
page read and write
|
|
|
|
231EBB89000
|
unkown
|
page read and write
|
|
|
|
7FF561F81000
|
unkown image
|
page readonly
|
|
|
|
231EC102000
|
unkown
|
page read and write
|
|
|
|
231EBBBD000
|
unkown
|
page read and write
|
|
|
|
7DF59D2C0000
|
unkown image
|
page readonly
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
7FF5A920B000
|
unkown image
|
page readonly
|
|
|
|
231EBBB4000
|
unkown
|
page read and write
|
|
|
|
7DF5B7012000
|
unkown image
|
page readonly
|
|
|
|
231EBB98000
|
unkown
|
page read and write
|
|
|
|
7DF59D2C2000
|
unkown image
|
page readonly
|
|
|
|
7FF561F56000
|
unkown image
|
page readonly
|
|
|
|
7FF5620AA000
|
unkown image
|
page readonly
|
|
|
|
231EB150000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE40000
|
unkown image
|
page readonly
|
|
|
|
7DF56FE42000
|
unkown image
|
page readonly
|
|
|
|
1459FD00000
|
unkown
|
page read and write
|
|
|
|
7FF5A919B000
|
unkown image
|
page readonly
|
|
|
|
7FF559DCA000
|
unkown image
|
page readonly
|
|
|
|
231EB850000
|
unkown image
|
page readonly
|
|
|
|
231EBBC3000
|
unkown
|
page read and write
|
|
|
|
7FF561D37000
|
unkown image
|
page readonly
|
|
|
|
7FF561FDF000
|
unkown image
|
page readonly
|
|
|
|
DF6AEFA000
|
stack
|
page read and write
|
|
|
|
7FF5620F3000
|
unkown image
|
page readonly
|
|
|
|
1459FC13000
|
unkown
|
page read and write
|
|
|
|
231EBB80000
|
unkown
|
page read and write
|
|
|
|
22F1BC70000
|
unkown image
|
page readonly
|
|
|
|
7DF567C90000
|
unkown image
|
page readonly
|
|
|
|
231EB23C000
|
unkown
|
page read and write
|
|
|
|
231EBB95000
|
unkown
|
page read and write
|
|
|
|
DF6A87D000
|
stack
|
page read and write
|
|
|
|
231EBBAD000
|
unkown
|
page read and write
|
|
|
|
7FF561B37000
|
unkown image
|
page readonly
|
|
|
|
2768EB70000
|
unkown image
|
page readonly
|
|
|
|
7FF58F56D000
|
unkown image
|
page readonly
|
|
|
|
7FF562025000
|
unkown image
|
page readonly
|
|
|
|
7FF55A025000
|
unkown image
|
page readonly
|
|
|
|
231EB255000
|
unkown
|
page read and write
|
|
|
|
2768EB60000
|
unkown
|
page read and write
|
|
|
|
7FF53EED6000
|
unkown image
|
page readonly
|
|
|
|
8F65D7E000
|
stack
|
page read and write
|
|
|
|
7FF55A86E000
|
unkown image
|
page readonly
|
|
|
|
7FF559F53000
|
unkown image
|
page readonly
|
|
|
|
2768ECF0000
|
heap default
|
page read and write
|
|
|
|
2768EB50000
|
unkown image
|
page read and write
|
|
|
|
2768EB70000
|
unkown image
|
page readonly
|
|
|
|
231EBBC4000
|
unkown
|
page read and write
|
|
|
|
231EBB4E000
|
unkown
|
page read and write
|
|
|
|
1D8C9102000
|
unkown
|
page read and write
|
|
|
|
231EB9A0000
|
unkown
|
page read and write
|
|
|
|
DF6AFFE000
|
stack
|
page read and write
|
|
|
|
7FF561F89000
|
unkown image
|
page readonly
|
|
|
|
169A5C78000
|
unkown
|
page read and write
|
|
|
|
7FF53F0CD000
|
unkown image
|
page readonly
|
|
|
|
2768ECD0000
|
unkown image
|
page readonly
|
|
|
|
1459FC3C000
|
unkown
|
page read and write
|
|
|
|
7FF56204B000
|
unkown image
|
page readonly
|
|
|
|
7FF55A01A000
|
unkown image
|
page readonly
|
|
|
|
7DF5685B2000
|
unkown image
|
page readonly
|
|
|
|
7FF56211B000
|
unkown image
|
page readonly
|
|
|
|
DF6AF7F000
|
stack
|
page read and write
|
|
|
|
88070FE000
|
stack
|
page read and write
|
|
|
|
169A5C82000
|
unkown
|
page read and write
|
|
|
|
187037F000
|
stack
|
page read and write
|
|
|
|
7FF53F0A3000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8E91000
|
unkown image
|
page readonly
|
|
|
|
2768F7E0000
|
unkown
|
page read and write
|
|
|
|
7DF54CDB2000
|
unkown image
|
page readonly
|
|
|
|
7DF4B4EE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A939A000
|
unkown image
|
page readonly
|
|
|
|
7FF562147000
|
unkown image
|
page readonly
|
|
|
|
231EB249000
|
unkown
|
page read and write
|
|
|
|
231EB24D000
|
unkown
|
page read and write
|
|
|
|
231EB247000
|
unkown
|
page read and write
|
|
|
|
231EB200000
|
unkown
|
page read and write
|
|
|
|
7FF5A8BEC000
|
unkown image
|
page readonly
|
|
|
|
7FF53F09B000
|
unkown image
|
page readonly
|
|
|
|
231EC102000
|
unkown
|
page read and write
|
|
|
|
231EB28B000
|
unkown
|
page read and write
|
|
|
|
1D8C8F80000
|
unkown image
|
page readonly
|
|
|
|
7FF5A93A1000
|
unkown image
|
page readonly
|
|
|
|
1D8C9100000
|
unkown
|
page read and write
|
|
|
|
7FF56214A000
|
unkown image
|
page readonly
|
|
|
|
231EBB9D000
|
unkown
|
page read and write
|
|
|
|
7FF53EF5F000
|
unkown image
|
page readonly
|
|
|
|
DF6ADFE000
|
stack
|
page read and write
|
|
|
|
231EB9A0000
|
unkown
|
page read and write
|
|
|
|
7FF58F573000
|
unkown image
|
page readonly
|
|
|
|
7DF5685B0000
|
unkown image
|
page readonly
|
|
|
|
231EBB8B000
|
unkown
|
page read and write
|
|
|
|
1D8C8F70000
|
unkown image
|
page readonly
|
|
|
|
231EB229000
|
unkown
|
page read and write
|
|
|
|
7FF53F063000
|
unkown image
|
page readonly
|
|
There are 631 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://download.jword.jp/pub/kaipoke/KaipokeWin2.json
|
|